Tavis Ormandy discovered that the aam instruction can be abused to crash qemu through a division by zero, resulting in denial of service. public via http://taviso.decsystem.org/virtsec.pdf also see http://lists.xensource.com/archives/html/xen-devel/2007-05/msg00021.html
Not vulnerable. This issue did not affect Xen as shipped with Red Hat Enterprise Linux 5.